NiFiMCP

CRITICAL: Remote Code Execution (RCE) Vulnerability: The system allows the LLM to dynamically generate and deploy NiFi scripts (e.g., Groovy scripts for 'ExecuteScript' processors). This is a direct RCE vector on the NiFi instance, enabling the execution of arbitrary code. CRITICAL: Sensitive Data Exposure: The 'logging_config.yaml' sets 'interface_debug_enabled: true' by default. When active, this feature writes detailed JSON logs of all LLM requests/responses, MCP server calls, and NiFi API interactions. These logs can contain highly sensitive information, including LLM API keys, NiFi API credentials (username/password), and the full content of dataflows and payloads. This constitutes a critical data leak risk and MUST be disabled ('interface_debug_enabled: false') in any non-development environment. Weakened TLS Security: The 'config.example.yaml' suggests 'tls_verify: false' for local NiFi setups. Disabling TLS verification in production environments exposes the NiFi API to man-in-the-middle attacks. LLM-Mediated Operations Risk: The core functionality involves an LLM directly initiating modifications and deletions of NiFi components. Without robust LLM safety guardrails, prompt injection vulnerabilities could allow malicious actors to hijack the LLM's agency and perform unauthorized operations. Header Overrides for Feature Flags: Configuration settings (e.g., auto_stop_enabled) can be overridden via HTTP headers (e.g., 'X-MCP-Auto-Stop-Enabled'). If the MCP server is exposed without proper authentication/authorization, this could bypass safety mechanisms.